Millions of the UK’s SMEs remain exposed to the fall out following a cyber attack, according to research published today. A third of SMEs which have been offered cyber insurance have opted to go without -- the key barrier a belief that the business is too small to be targeted. This is among the findings of joint research from CFC Underwriting and Premium Credit.

This report comes as government figures show nearly a third of small businesses have suffered cyber attacks in the past year at an average cost of £3,650.

Almost a quarter of the SMEs polled say they believe cyber insurance to be inadequate, and a fifth say they simply don't understand it. Just 10% say they cannot afford it. Almost two-thirds say they have never even been offered the cover.

The research does at least show that many small companies are taking some action to improve cyber security, with only 3% found to have done absolutely nothing.

Distribution director at CFC Underwriting, Pat Brice, said more needs to be done to articulate the value of this increasingly important cover.

"It is becoming apparent that businesses are far more likely to fall victim to cyber crime than they are to traditional crime, yet they routinely don’t have the cyber protection they need. Insurance providers and brokers need to work together to make sure they are encouraging businesses in all industries to complement good cyber security with cyber insurance in case the worst happens.”


In figures: Cyber security measures in UK SMEs (Source: CFC Underwriting and Premium Credit)

71% use antivirus software:

66% regularly back up data

57% scan for malware and change passwords

47% back up data to the cloud

46% say all laptops use encryption

43% say all devices used outside office are password/PIN protected

38% say all devices used outside office can be locked/tracked if stolen

37% use a password manager

33% patch all software/firmware using latest manufacturer software

24% say staff sending sensitive data outside office use VPNs/3G/4G

Share Story: